Google offers enterprises Verified Access for Chrome OS devices

Google is offering enterprises a way to cryptographically confirm the identity of Chrome OS devices.

The feature, called Verified Access, uses a Google server-side API to guarantee the identity of a device and the user trying to access a network service, like a VPN gateway, enterprise certificate authority (CA), a sensitive server, or an enterprise wi-fi access point . It relies on the Trusted Platform Module found in every Chrome OS device to ensure the device is authentic, unmodified, and policy compliant.

"This matters because most businesses, particularly large enterprises, have policies and requirements in place that allow network and data access only to enterprise-managed and verified devices, but many of the current solutions rely primarily on heuristic client side checks," senior product manager Saswat Panigrahi wrote in a blog post. "But, a bad actor that can compromise your Operating System can probably also fake the signals being checked for."

Google has been using Verified Access internally for years, Panigrahi said. To deploy it, an organization needs to install a Chrome extension on users' Chrome devices.

Security

Do you need antivirus on Linux?

6 ways to protect yourself from getting scammed online, by phone, or IRL

The best VPN free trials for 2024

8 habits of highly secure remote workers

How to find and remove spyware from your phone

• Do you need antivirus on Linux?
• 6 ways to protect yourself from getting scammed online, by phone, or IRL
• The best VPN free trials for 2024
• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone